1. Field of the Invention
This invention relates generally to communication systems, and, more particularly, to wireless communication systems.
2. Description of the Related Art
Wireless communication systems are commonly employed to provide voice and/or data communications. Referring to FIG. 1, for example, a wireless communication system 100 generally comprises a wireless network 104 that is operable to communicate with one or more wireless devices 108. In this example, the wireless network 104 and the wireless device 108 communicate over a wireless link 110. Although not shown, the wireless link 110 may include any number of intermediate devices that facilitate wireless communication between the wireless network 104 and the wireless device 108. For example, the wireless link 110 may include repeaters, antennas, routers, satellites, and the like.
Existing and emerging wireless communication systems are generally comprised of heterogeneous collections of air-interface technologies, network architectures, and wireless protocols. For example, wireless communication systems may operate using IEEE-802.11 (WiFi) wireless networks that provide access to local area and “hotspot” networks, IEEE-802.16 (WiMax) networks that provide fixed wireless and mobile broadband access, Evolution Data Optimized networks (1×EVDO) that provide access to third generation (3G) mobile data users, and the like. The diversity present in the different wireless technologies is generally attributable to the context and markets they serve.
In FIG. 1, for example, the wireless network 104 may be a 1×EVDO network providing broadband data access to mobile data users. In this example, the infrastructure of the wireless network 104 may include base transceiver stations (BTS), radio network controllers (RNC), packet data servicing nodes (PDSN), and the like. In this same example, the wireless device 108 may be a mobile unit, such as a cellular telephone, personal data assistant, text messaging device, laptop, and the like. In another example, the wireless network 104 may be an IEEE 802.11 network that includes at least one wireless access point in data communication with a local area network. In general, wireless communication systems 100 may be configured using any known, emerging, or yet to be developed wireless technologies, and these wireless communication systems 100 may be operable with any number of fixed or mobile wireless devices 108.
The Open Systems Interconnection (OSI) is a generally accepted reference model that provides a description of how data (e.g., messages, packets, datagrams, frames, etc.) is transmitted between two points in a communication system. For simplicity, the terms “packet”, “data packet”, and “frame” will be used interchangeably herein to generally refer to data that has been arranged in a known manner, such as an IP frame, Point-to-Point Protocol (PPP) frame, Radio Link Protocol (RLP) frame, Signaling Link Protocol (SLP) frame, or any other known or to be developed data format. In FIG. 1, for example, packets of data may be transmitted between the wireless network 104 and the wireless device 108, in either direction. In this example, the packets may include payload data representative of voice, video, signaling messages, or any other type of information. The protocol used to transmit the packets of data ordinarily specifies a particular frame format (e.g., RLP, IP, SLP, etc.).
Those skilled in the art will appreciate that the OSI reference model defines functional layers that typically take place at each end of a communication session. For convenience, communication processes and/or applications are often categorized into one of the OSI functional layers. For example, layer 4 in the OSI model, the transport layer, includes processes and/or applications responsible for determining, amongst other things, whether all packets have arrived in a given communication session. It should be appreciated, however, that the OSI model is not always strictly adhered to in terms of keeping related functions together in a well-defined layer. Moreover, a given communication session may not include a functional component from each layer of the OSI reference model.
Access networks in wireless communication systems are ordinarily most closely associated with the physical and media access control (MAC) layers of the OSI model. However, wireless networks often have special requirements related to error recovery and bandwidth management. As such, the physical and MAC layers are often supplemented with other layers that relate to additional functions in a wireless communication session. In addition, wireless network signaling mechanisms are often not IP based and are ordinarily specifically tailored to the particular access technology. As a result, wireless access networks often employ a set of functional layers below the network layer that are access technology specific.
FIG. 2 shows an illustrative air-interface layering architecture 200 applicable to a 1×EVDO network. For the purpose of brevity, such air-interface layering is illustrated herein only for a 1×EVDO network. It should be understood, however, that other access networks use similar principles, but with possible variations due to technology differences, implementation considerations, and the like. In short, air-interface layering can be considered as a sequence of logical steps that a packet of data traverses before transmission over a wireless link in a wireless communication system.
Block 204 is representative of the air-interface application layer which generally comprises frame formats that are independent of the particular air-interface. The air-interface application layer frame format is ordinarily IP or PPP. Other frame formats may be used as well. In the context of a 1×EVDO network, air-interface frames include RLP frames and SLP frames. RLP uses a byte-oriented sequence number reflecting the order in which octets are received from a higher layer, usually IP or PPP. Multiple RLP packet sizes are supported by the standard.
The air-interface application layer is typically considered the functional layer associated with the ingress and egress point(s) of a wireless network. In the context of sending a packet of data over a wireless network (i.e., ingress), the air-interface application layer typically receives an IP or PPP frame from a functional layer above. For example, the air-interface application layer may receive an IP packet from a VoIP application. In this case, the air-interface application layer performs its processing and passes the data to the next layer below. For egress, the air-interface application layer typically receives data from a lower functional layer. In this case, the data has ordinarily been transmitted over a wireless link and handed off to the air-interface application layer after having been processed by lower functional layers. The air-interface application layer processes the data and provides it to a higher layer (not shown), such as a VoIP application.
The data stream layer is shown by box 208. The data stream layer provides a mechanism for distinguishing between different air-interface applications by adding a 2-bit stream identifier header to the data packets in a given communication session. The session layer, represented by box 212, provides address management, air-interface protocol negotiation and configuration, and state maintenance services. Box 216, the connection layer, provides air-link connection establishment and maintenance services.
The security layer, shown by box 220, provides link layer security support. One conventional approach to link layer security in a 1×EVDO network employs a 2-byte cryptosynch added as a header to the connection layer packet. Before transmission, the cryptosynch may be provided as an input to an encryption algorithm (e.g., DES or AES), possibly with other parameters, such as a key, to encrypt the data packet. With this approach, the cryptosynch is ordinarily appended to the data packet and transmitted to the receiver. The receiver may then use the cryptosynch, possibly with other parameters, such as a previously agreed-upon key, to decrypt the packet. Hereafter, the terms “cryptosynch” and “cryptographic synchronization parameter” may be used interchangeably to generally refer to any security parameter that may be used with packet encryption and/or authentication.
If a packet is to be authenticated, a message authentication tag may be computed and added toward the end of the connection layer packet. The addition of a message authentication tag is generally referred to as explicit message authentication. This is because the authentication tag is appended to the packet and transmitted to the receiver. The receiver uses the tag in conjunction with a message authentication algorithm (e.g., iterated cryptographic hash function) to authenticate the message. As will be described below, the addition of a cryptosynch and/or authentication tag to data packets undesirably decreases bandwidth capacity and increases the amount of end processing required in a communication session. This is especially true for time sensitive applications, such as Voice over IP (VoIP).
Moving to box 224, the MAC layer supports air-interface scheduling functions (by the network). In addition, multiple MAC layer payload sizes are supported. The physical layer, shown by box 226, provides channel and error control coding functions. Each layer in the aforementioned air-interface layering architecture supports multiple protocols, and except for the session and connection layers (boxes 212 and 216), each layer typically adds a header to a packet functionally traversing the air-interface layers.
Security is typically an important feature in most, if not all, communication systems. In a banking context, for example, participants engaging in a financial undertaking expect their electronic transactions to be completed as intended without alteration by adversaries (i.e., persons attempting to gain unauthorized access to communications). An adversary may attempt to change the destination and/or value of banking transactions, such that transactions are processed in a manner unintended by the participants. Integrity protection mechanisms are used to prevent an adversary from altering information in a communication unbeknownst to the communication provider and/or the communication participants.
Wireless communications introduce a new degree of security risk over conventional land-based systems. In a wireless environment, adversaries are able to more easily eavesdrop because information is sent over a wireless link that is considered more accessible than conventional land-based channels. As described in FIG. 2, wireless communication systems typically employ some form of link layer security to protect against attacks from adversaries. Although most wireless networks use the Internet Protocol (IP) as the network layer protocol, wireless communication systems (e.g., 802.11, CDMA, WiMax, UMTS, etc.) lack a common framework for link layer security, thus making the various systems incompatible with each other. That is, each wireless communication system typically has its own link layer security standard.
The role of link layer security mechanisms is often complementary to network layer security protocols, such as IPsec, as well as transport layer protocols, such as Transport Layer Security and Secure Sockets Layer (TLS/SSL). Typically, network and transport layer protocols tend to offer “end-to-end” security with a view towards protecting user data from eavesdropping and modification. Network layer security, such as IPsec, is a relatively resource taxing mechanism to implement.
Link layer security protocols are often designed to protect network providers and users from fraud at the access layer, in addition to offering privacy and protecting the network. For example, in the absence of link layer encryption and/or packet authentication, even in the presence of end-to-end IPsec, an adversary could steal service by posing as a legitimate user. This is primarily due to the fact that data networks are “packet switched” and shared by many users. Entity authentication and authorization are useful to grant admission to legitimate users, but do not prevent imposters from stealing service, since data traffic is served in bursts and not continuously.
As previously mentioned, link layer security mechanisms are generally access technology specific. For example, link layer security mechanisms used for 1×EVDO networks are incompatible with 802.11 networks, thus making it more challenging, if not impossible, for a user to seamlessly transition from one access technology to another. This incompatibility results in providers making additional investments in software, hardware, and maintenance/management expenditures.
With time sensitive applications, such as VoIP and video, a balance is required between security and efficiency. Such applications require data to be delivered and processed within predetermined timing guidelines to function properly. Conventional security mechanisms often have an undesirable consequence of contributing to timing delays for time sensitive applications. Security induced timing delays are ordinarily the result of the additional processing and consumption of resources required to implement the security mechanism. Moreover, traditional link layer security mechanisms necessitate packet expansion to accommodate the addition of a cryptosynch to the data packet before transmission. As described, the cryptosynch may be used for encryption and/or message authentication.
Packet expansion is particularly problematic for full rate voice packets because, as will be shown below, encrypted link layer VoIP packets may not fit into a physical layer frame. FIG. 3 illustrates the aforementioned packet expansion problem that may be encountered using conventional link layer security mechanisms in a 1×EVDO network. In this example, a VoIP packet is shown traversing various air-interface layers, including the 1×EVDO security layer described in FIG. 2. For ease of description, reference numerals 1-5 have been added to the Figure to more easily identify certain steps. It should be appreciated, however, that FIG. 3 is a simplified representation intended only to illustrate the problem of packet expansion. Likewise, FIG. 3 is not intended to be an exhaustive representation of all the steps a packet may take in preparation for transmission over a wireless link.
At step 1, the VoIP packet is received by the air-interface application layer. Robust Header Compression (ROHC) is applied, and at step 2, the packet is shown reduced to 208 bits. Shown at step 3, the 1×EVDO standard proposes the use of a 14-bit header for RLP. In one embodiment, the RLP header is comprised of 5 bits for LinkflowID, 1 bit for direction, 2 bits to indicate last and first frames, and 6 bits to indicate a sequence number of the packet.
As described above, at step 4, link layer security in 1×EVDO necessitates packet expansion to accommodate an explicit 2-byte cryptosynch 300 as overhead. The cryptosynch is appended to the data packet, and transmitted therewith to a receiver (e.g., wireless device). The receiver uses the cryptosynch and possibly a secret key to decrypt the data packet.
At step 5, once a Cyclic Redundancy Code (CRC) and 2-bit MAC header are added to the packet, the packet assumes a length of 272 bits. As such, full rate voice frames will not fit into a 256-bit physical layer frame, but if the same packet is transmitted unencrypted (i.e., without the 2-byte cryptosynch) then it will exactly fit into a 256-bit frame. In the case of 1×EVDO systems, the packet expansion forces the use of the next higher physical layer packet size, which in one application is 512 bits, thus doubling the physical layer packet size in this illustrative example.
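The FIG. 3 arithmetic carried through as an added example (not part of the patent): a small Python budget that walks the 208-bit ROHC-compressed VoIP packet through steps 3 to 5 with and without the explicit cryptosynch and picks the smallest physical layer frame from the two sizes the text names. The CRC width is an assumption inferred from the page's totals, and the function and field names are this example's own.

```python
# Added example (not from the patent): packet-size budget for the FIG. 3
# VoIP packet as it traverses the 1xEVDO air-interface layers, with and
# without the explicit 2-byte cryptosynch described in the text.
from dataclasses import dataclass

# Physical layer frame sizes named on the page (bits), smallest first.
PHY_FRAME_SIZES = (256, 512)

# RLP header fields from the page: 5-bit LinkFlowID, 1-bit direction,
# 2 bits for first/last flags, 6-bit sequence number = 14 bits.
RLP_HEADER_FIELDS = {"link_flow_id": 5, "direction": 1, "first_last": 2, "seq": 6}

CRYPTOSYNCH_BITS = 16   # explicit 2-byte cryptosynch (page)
MAC_HEADER_BITS = 2     # 2-bit MAC header (page)
# CRC width is not stated explicitly; it is inferred from the page's totals:
# 272 - 208 - 14 - 16 - 2 = 32 bits (assumption).
CRC_BITS = 32


@dataclass
class Budget:
    payload_bits: int         # ROHC-compressed payload
    link_layer_bits: int      # after RLP header, optional cryptosynch, CRC, MAC header
    phy_frame_bits: int       # smallest PHY frame that fits, or 0 if none fits
    overhead_fraction: float  # share of the PHY frame not carrying payload


def rlp_header_bits() -> int:
    return sum(RLP_HEADER_FIELDS.values())


def link_layer_budget(payload_bits: int, encrypted: bool) -> Budget:
    """Walk the packet through steps 3-5 of FIG. 3 and pick a PHY frame."""
    size = payload_bits + rlp_header_bits()      # step 3: RLP header
    if encrypted:
        size += CRYPTOSYNCH_BITS                 # step 4: explicit cryptosynch
    size += CRC_BITS + MAC_HEADER_BITS           # step 5: CRC + MAC header
    fits = [f for f in PHY_FRAME_SIZES if f >= size]
    phy = fits[0] if fits else 0
    overhead = 1.0 - payload_bits / phy if phy else 1.0
    return Budget(payload_bits, size, phy, overhead)


def expansion_penalty(payload_bits: int) -> int:
    """Extra PHY bits per packet that the explicit cryptosynch costs."""
    plain = link_layer_budget(payload_bits, encrypted=False)
    enc = link_layer_budget(payload_bits, encrypted=True)
    return enc.phy_frame_bits - plain.phy_frame_bits


if __name__ == "__main__":
    for enc in (False, True):
        b = link_layer_budget(208, encrypted=enc)
        print(f"encrypted={enc}: link layer {b.link_layer_bits} bits -> "
              f"PHY frame {b.phy_frame_bits} bits ({b.overhead_fraction:.1%} overhead)")
    print("PHY penalty of the explicit cryptosynch:", expansion_penalty(208), "bits")
```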
In an effort to satisfy delay requirements for time sensitive applications, link layer security mechanisms are typically implemented close to the physical layer. This is shown, for example, in the 1×EVDO air interface layering architecture of FIG. 2. Unfortunately, link layer security mechanisms that are implemented in this manner are usually unable to effectively separate signaling applications from other user data applications. As a result, providers have limited ability to customize encryption and authentication for different streams of data. For example, wireless access providers could choose to authenticate every signaling message but provide encryption with no explicit authentication for user data packets. Moreover, a user may insist that best-effort packets are encrypted and authenticated over the wireless link, but may choose not to authenticate every VoIP packet. With current link layer security mechanisms applied so close to the physical layer, such separation is difficult, if not impossible, without incurring a layer violation.
What is needed, therefore, is a security mechanism that operates relatively independently of the underlying access technology, as compared with conventional security mechanisms. The security mechanism should be applicable to most, if not all, wireless access technologies. Moreover, the security mechanism should provide some degree of flexibility, while reducing the overhead required by conventional security and/or authentication mechanisms.